Cloudflare experiment ports most of Next.js API 'in one week' with AI

Uses Vite and Claude to sidestep Vercel lock-in with a new open source build tool A Cloudflare engineer says he has ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.